Matching Items (5)
Filtering by
- All Subjects: Web Applications
- Creators: Bazzi, Rida
- Creators: Software Engineering
Description
Internet browsers are today capable of warning internet users of a potential phishing attack. Browsers identify these websites by referring to blacklists of reported phishing websites maintained by trusted organizations like Google, Phishtank etc. On identifying a Unified Resource Locator (URL) requested by a user as a reported phishing URL, browsers like Mozilla Firefox and Google Chrome display an 'active' warning message in an attempt to stop the user from making a potentially dangerous decision of visiting the website and sharing confidential information like username-password, credit card information, social security number etc.
However, these warnings are not always successful at safeguarding the user from a phishing attack. On several occasions, users ignore these warnings and 'click through' them, eventually landing at the potentially dangerous website and giving away confidential information. Failure to understand the warning, failure to differentiate different types of browser warnings, diminishing trust on browser warnings due to repeated encounter are some of the reasons that make users ignore these warnings. It is important to address these factors in order to eventually improve a user’s reaction to these warnings.
In this thesis, I propose a novel design to improve the effectiveness and reliability of phishing warning messages. This design utilizes the name of the target website that a fake website is mimicking, to display a simple, easy to understand and interactive warning message with the primary objective of keeping the user away from a potentially spoof website.
However, these warnings are not always successful at safeguarding the user from a phishing attack. On several occasions, users ignore these warnings and 'click through' them, eventually landing at the potentially dangerous website and giving away confidential information. Failure to understand the warning, failure to differentiate different types of browser warnings, diminishing trust on browser warnings due to repeated encounter are some of the reasons that make users ignore these warnings. It is important to address these factors in order to eventually improve a user’s reaction to these warnings.
In this thesis, I propose a novel design to improve the effectiveness and reliability of phishing warning messages. This design utilizes the name of the target website that a fake website is mimicking, to display a simple, easy to understand and interactive warning message with the primary objective of keeping the user away from a potentially spoof website.
ContributorsSharma, Satyabrata (Author) / Bazzi, Rida (Thesis advisor) / Walker, Erin (Committee member) / Gaffar, Ashraf (Committee member) / Arizona State University (Publisher)
Created2015
Description
As our relationship with technology continues to encourage people to spend more time engaged online, traditional means of journalism must adapt in order to communicate with audiences. While many news organizations default to social media outlets, the goal of this project is to allow users a more direct experience with reporters, photographers and editors. It will allow The State Press, the official, student-run news organization covering ASU, to create content within Slack, an internal messaging platform commonly used in newsrooms. Secondly, it will provide a means for viewers to conveniently ingest their news as it unfolds, with updates, media, and analysis appearing in front of them without having to refresh the page.
ContributorsQuigley, James Alan (Author) / Gary, Kevin (Thesis director) / Squire, Susan (Committee member) / Software Engineering (Contributor) / W.P. Carey School of Business (Contributor) / Barrett, The Honors College (Contributor)
Created2018-05
Description
Cravingz is a web-based application that allows users to learn the maximum number of food items that they can purchase at a restaurant within a defined personal budget. We created two versions of this web-based application and asked 40 users to perform an A/B test to determine which version provides the best user experience in terms of efficiency and performance. Users who participated in this study completed a set of tasks to test these applications. Our findings demonstrate that users prefer a web application that does not require them to input data repeatedly to view combinations for multiple restaurants. Although the version which required reentry of data was more visually-pleasing, users preferred the version in which inputting data was a one-time task.
ContributorsPandarinath, Agastya (Co-author) / Jain, Ayushi (Co-author) / Atkinson, Robert (Thesis director) / Chavez-Echeagaray, Maria Elena (Committee member) / Computer Science and Engineering Program (Contributor) / Barrett, The Honors College (Contributor)
Created2017-05
Description
Many organizational course design methodologies feature general guidelines for the chronological and time-management aspects of course design development. Proper course structure and instructional strategy pacing has been shown to facilitate student knowledge acquisition of novel material. These course-scheduling details influencing student learning outcomes implies the need for an effective and tightly coupled component of an instructional module. The Instructional Module Development System, or IMODS, seeks to improve STEM, or ‘science, technology, engineering, and math’, education, by equipping educators with a powerful informational tool that helps guide course design by providing information based on contemporary research about pedagogical methodology and assessment practices. This is particularly salient within the higher-education STEM fields because many instructors come from backgrounds that are more technical and most Ph.Ds. in science fields have traditionally not focused on preparing doctoral candidates to teach. This thesis project aims to apply a multidisciplinary approach, blending educational psychology and computer science, to help improve STEM education. By developing an instructional module-scheduling feature for the Web-based IMODS, Instructional Module Development System, system, we can help instructors plan out and organize their course work inside and outside of the classroom, while providing them with relevant helpful research that will help them improve their courses. This article illustrates the iterative design process to gather background research on pacing of workload and learning activities and their influence on student knowledge acquisition, constructively critique and analyze pre-existing information technology (IT) scheduling tools, synthesize graphical user interface, or GUI, mockups based on the background research, and then implement a functional-working prototype using the IMODs framework.
ContributorsCoomber, Wesley Poblete (Author) / Bansal, Srividya (Thesis director) / Lindquist, Timothy (Committee member) / Software Engineering (Contributor) / Barrett, The Honors College (Contributor)
Created2016-05
Description
Data from a total of 282 online web applications was collected, and accounts for 230 of those web applications were created in order to gather data about authentication practices, multistep authentication practices, security question practices, fallback authentication practices, and other security practices for online accounts. The account creation and data collection was done between June 2016 and April 2017. The password strengths for online accounts were analyzed and password strength data was compared to existing data. Security questions used by online accounts were evaluated for security and usability, and fallback authentication practices were assessed based on their adherence to best practices. Alternative authentication schemes were examined, and other security considerations such as use of HTTPS and CAPTCHAs were explored. Based on existing data, password policies require stronger passwords in for web applications in 2017 compared to the requirements in 2010. Nevertheless, password policies for many accounts are still not adequate. About a quarter of online web applications examined use security questions, and many of the questions have usability and security concerns. Security mechanisms such as HTTPS and continuous authentication are in general not used in conjunction with security questions for most web applications, which reduces the overall security of the web application. A majority of web applications use email addresses as the login credential and the password recovery credential and do not follow best practices. About a quarter of accounts use multistep authentication and a quarter of accounts employ continuous authentication, yet most accounts fail to combine security measures for defense in depth. The overall conclusion is that some online web applications are using secure practices; however, a majority of online web applications fail to properly implement and utilize secure practices.
ContributorsGutierrez, Garrett (Author) / Bazzi, Rida (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2017